138.197.146.114

Basic Info

City: unknown

Region: unknown

Country: unknown

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.197.146.75	attack	Scan port	2023-10-18 12:53:52
138.197.146.75	attack	Scan port	2023-09-23 19:49:04
138.197.146.75	attack	Scan port	2023-07-27 12:45:30
138.197.146.75	attack	port scan	2023-02-03 13:47:17
138.197.146.75	attack	Port scan	2022-12-23 13:51:21
138.197.146.132	attackbots	138.197.146.132 - - [30/Sep/2020:23:11:08 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [30/Sep/2020:23:11:10 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [30/Sep/2020:23:11:11 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-01 05:49:46
138.197.146.132	attackbotsspam	Wordpress framework attack - hard filter	2020-09-30 22:07:30
138.197.146.132	attack	138.197.146.132 - - [30/Sep/2020:04:04:40 +0200] "GET /wp-login.php HTTP/1.1" 200 1984 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [30/Sep/2020:04:04:40 +0200] "POST /wp-login.php HTTP/1.1" 200 2104 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [30/Sep/2020:04:04:46 +0200] "GET /wp-login.php HTTP/1.1" 200 1984 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [30/Sep/2020:04:04:47 +0200] "POST /wp-login.php HTTP/1.1" 200 2090 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [30/Sep/2020:04:04:47 +0200] "GET /wp-login.php HTTP/1.1" 200 1984 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [30/Sep/2020:04:04:53 +0200] "POST /wp-login.php HTTP/1.1" 200 2091 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/ ...	2020-09-30 14:40:08
138.197.146.132	attackspam	MYH,DEF GET /wp-login.php	2020-09-27 03:38:24
138.197.146.132	attackbots	138.197.146.132 - - [26/Sep/2020:11:29:07 +0100] "POST /wp-login.php HTTP/1.1" 200 2302 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [26/Sep/2020:11:29:08 +0100] "POST /wp-login.php HTTP/1.1" 200 2238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [26/Sep/2020:11:29:10 +0100] "POST /wp-login.php HTTP/1.1" 200 2234 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-26 19:37:03
138.197.146.132	attackbotsspam	138.197.146.132 - - [10/Sep/2020:10:56:20 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [10/Sep/2020:10:56:20 +0200] "POST /wp-login.php HTTP/1.1" 200 2698 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [10/Sep/2020:10:56:20 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [10/Sep/2020:10:56:21 +0200] "POST /wp-login.php HTTP/1.1" 200 2672 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [10/Sep/2020:10:56:26 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [10/Sep/2020:10:56:26 +0200] "POST /wp-login.php HTTP/1.1" 200 2673 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/ ...	2020-09-10 23:58:21
138.197.146.132	attackspam	CMS (WordPress or Joomla) login attempt.	2020-09-10 15:22:37
138.197.146.132	attack	Automatic report generated by Wazuh	2020-09-10 05:59:00
138.197.146.132	attack	WordPress wp-login brute force :: 138.197.146.132 0.068 BYPASS [25/Aug/2020:22:29:20 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2573 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-26 07:21:11
138.197.146.132	attack	CMS (WordPress or Joomla) login attempt.	2020-07-27 14:51:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.146.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41886
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.197.146.114.		IN	A

;; AUTHORITY SECTION:
.			420	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 26 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 07:34:15 CST 2022
;; MSG SIZE  rcvd: 108

Host info

114.146.197.138.in-addr.arpa domain name pointer jgonzalez.ca.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
114.146.197.138.in-addr.arpa	name = jgonzalez.ca.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
68.183.204.162	attackbots	2019-11-10 23:58:50,527 fail2ban.actions [1798]: NOTICE [sshd] Ban 68.183.204.162	2019-11-11 13:26:57
208.93.152.17	attackspambots	connection attempt to webserver FO	2019-11-11 13:54:13
51.83.76.139	attack	Automatic report - XMLRPC Attack	2019-11-11 13:51:28
45.80.65.35	attackspambots	Nov 11 10:54:10 areeb-Workstation sshd[25455]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.65.35 Nov 11 10:54:12 areeb-Workstation sshd[25455]: Failed password for invalid user squid from 45.80.65.35 port 59076 ssh2 ...	2019-11-11 13:36:19
45.136.110.48	attackbots	Nov 11 06:52:17 mc1 kernel: \[4737820.876187\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.48 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=52182 PROTO=TCP SPT=58482 DPT=9573 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 11 06:59:56 mc1 kernel: \[4738279.145801\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.48 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=52961 PROTO=TCP SPT=58482 DPT=9446 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 11 07:01:47 mc1 kernel: \[4738390.829792\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.48 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=7773 PROTO=TCP SPT=58482 DPT=9445 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-11 14:06:21
157.92.24.222	attackbotsspam	Nov 11 00:53:08 TORMINT sshd\[28888\]: Invalid user cocacola from 157.92.24.222 Nov 11 00:53:08 TORMINT sshd\[28888\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.92.24.222 Nov 11 00:53:10 TORMINT sshd\[28888\]: Failed password for invalid user cocacola from 157.92.24.222 port 59486 ssh2 ...	2019-11-11 13:54:28
14.248.83.23	attackspambots	14.248.83.23 - - \[11/Nov/2019:06:07:28 +0100\] "POST /wp-login.php HTTP/1.0" 200 5099 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 14.248.83.23 - - \[11/Nov/2019:06:07:32 +0100\] "POST /wp-login.php HTTP/1.0" 200 5093 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 14.248.83.23 - - \[11/Nov/2019:06:07:34 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 831 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-11 13:35:53
42.177.117.227	attack	Unauthorised access (Nov 11) SRC=42.177.117.227 LEN=40 TTL=49 ID=19981 TCP DPT=8080 WINDOW=48390 SYN	2019-11-11 13:38:17
51.68.70.72	attackspambots	Nov 11 06:58:19 jane sshd[24249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.70.72 Nov 11 06:58:21 jane sshd[24249]: Failed password for invalid user gorhan from 51.68.70.72 port 47864 ssh2 ...	2019-11-11 14:05:49
173.208.45.42	attack	Phished credentials and signed into mail in order to defraud company .	2019-11-11 14:07:22
95.105.233.209	attackspam	Nov 10 19:23:57 php1 sshd\[10216\]: Invalid user suveg from 95.105.233.209 Nov 10 19:23:57 php1 sshd\[10216\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.105.233.209 Nov 10 19:23:59 php1 sshd\[10216\]: Failed password for invalid user suveg from 95.105.233.209 port 51878 ssh2 Nov 10 19:27:40 php1 sshd\[10527\]: Invalid user torok from 95.105.233.209 Nov 10 19:27:40 php1 sshd\[10527\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.105.233.209	2019-11-11 13:41:08
85.244.80.184	attackspam	$f2bV_matches	2019-11-11 13:49:45
185.175.93.105	attack	11/11/2019-00:30:25.680599 185.175.93.105 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-11 13:59:42
49.231.166.197	attack	Nov 11 00:47:19 ny01 sshd[25434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.231.166.197 Nov 11 00:47:21 ny01 sshd[25434]: Failed password for invalid user chang from 49.231.166.197 port 54520 ssh2 Nov 11 00:51:45 ny01 sshd[25838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.231.166.197	2019-11-11 13:55:54
190.64.74.58	attack	Nov 10 23:58:14 web1 postfix/smtpd[31558]: warning: unknown[190.64.74.58]: SASL LOGIN authentication failed: authentication failure ...	2019-11-11 13:48:55

Recently Reported IPs

138.197.146.111	118.175.174.88	118.175.174.90	118.175.174.92
138.197.163.79	138.197.163.182	138.197.163.87	138.197.163.225
138.197.163.125	138.197.163.206	138.197.163.253	138.197.163.247
138.197.163.15	138.197.163.95	138.197.163.190	118.175.174.95
138.197.163.126	138.197.164.247	138.197.166.92	138.197.164.6